How to make your WordPress site more secure

Monday, May 19th, 2014 at
9:36 am

WordPress site security should be high on the list of priorities for every WordPress site owner. Due to the opensource nature of the platform, it’s well known that they aren’t the most secure sites. This means that every ‘script kiddie’ – a new term I just learnt from my web hosts security guy – can look around in the back end and see what ‘fun’ they can have. When I told them I wanted to host a WordPress site, they gave me separate hosting on a totally different server, such was the hysteria…

The WordPress Login page

Yes, you know the one situated at www.what-ever-your-domain-is.com/wp-admin. Now, I’m a WordPress newbie and even I know that I also know that the default login is ‘admin’ so now I’m 50% of the way towards hacking into your site and I don’t even know any coding stuff! All I have to do now is guess your favorite color, your pets name, your birthday or whatever else you use as your password and I’m in, ready to wreak havoc. Simpe isn’t it?

So, we need to change the user name, except WordPress doesn’t allow you to do that (What??), so here’s what we’re going to do - I suggest printing this page out.

You will need to go to Users and click Add New as we’re going to add a new user:

Choose a different name to your current ‘admin’ user name. Something that people will not guess easily, so not your nickname or display name. Just a word that you can remember easily and add a no. or two as well.

You will need a different email address to the one your blog currently uses. You could just get one from gmail as a temporary measure.

Ok password. Remember what I said earlier, so don’t choose any of the normal stuff. Make it a little different and again add a number or three – this really will help to stop the hackers.